Summary
| Detail | |||
|---|---|---|---|
| Vendor | Turbolinux | First view | 2003-06-16 |
| Product | Turbolinux Workstation | Last view | 2005-12-31 |
| Version | Type | ||
| Update | |||
| Edition | |||
| Language | |||
| Sofware Edition | |||
| Target Software | |||
| Target Hardware | |||
| Other | |||
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 5 | 2005-12-31 | CVE-2005-3626 | Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference. |
| 10 | 2005-12-31 | CVE-2005-3625 | Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins." |
| 5 | 2005-12-31 | CVE-2005-3624 | The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows. |
| 3.7 | 2005-05-02 | CVE-2005-0988 | Race condition in gzip 1.2.4, 1.3.3, and earlier, when decompressing a gzipped file, allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by gzip after the decompression is complete. |
| 7.5 | 2005-04-14 | CVE-2004-1176 | Buffer underflow in extfs.c in Midnight Commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code. |
| 7.5 | 2005-04-14 | CVE-2004-1175 | fish.c in midnight commander allows remote attackers to execute arbitrary programs via "insecure filename quoting," possibly using shell metacharacters. |
| 5 | 2005-04-14 | CVE-2004-1174 | direntry.c in Midnight Commander (mc) 4.5.55 and earlier allows attackers to cause a denial of service by "manipulating non-existing file handles." |
| 5 | 2005-04-14 | CVE-2004-1093 | Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via "use of already freed memory." |
| 5 | 2005-04-14 | CVE-2004-1092 | Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service by causing mc to free unallocated memory. |
| 5 | 2005-04-14 | CVE-2004-1091 | Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service by triggering a null dereference. |
| 5 | 2005-04-14 | CVE-2004-1090 | Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via "a corrupt section header." |
| 5 | 2005-04-14 | CVE-2004-1009 | Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service (infinite loop) via unknown attack vectors. |
| 7.5 | 2005-04-14 | CVE-2004-1005 | Multiple buffer overflows in Midnight Commander (mc) 4.5.55 and earlier allow remote attackers to have an unknown impact. |
| 7.5 | 2005-04-14 | CVE-2004-1004 | Multiple format string vulnerabilities in Midnight Commander (mc) 4.5.55 and earlier allow remote attackers to have an unknown impact. |
| 7.5 | 2004-12-31 | CVE-2004-0817 | Multiple heap-based buffer overflows in the imlib BMP image handler allow remote attackers to execute arbitrary code via a crafted BMP file. |
| 5.1 | 2004-12-31 | CVE-2004-0802 | Buffer overflow in the BMP loader in imlib2 before 1.1.2 allows remote attackers to execute arbitrary code via a specially-crafted BMP image, a different vulnerability than CVE-2004-0817. |
| 2.1 | 2004-12-27 | CVE-2004-1377 | The (1) fixps (aka fixps.in) and (2) psmandup (aka psmandup.in) scripts in a2ps before 4.13 allow local users to overwrite arbitrary files via a symlink attack on temporary files. |
| 10 | 2003-10-06 | CVE-2003-0694 | The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c. |
| 7.5 | 2003-10-06 | CVE-2003-0681 | A "potential buffer overflow in ruleset parsing" for Sendmail 8.12.9, when using the nonstandard rulesets (1) recipient (2), final, or (3) mailer-specific envelope recipients, has unknown consequences. |
| 7.5 | 2003-06-16 | CVE-2003-0370 | Konqueror Embedded and KDE 2.2.2 and earlier does not validate the Common Name (CN) field for X.509 Certificates, which could allow remote attackers to spoof certificates via a man-in-the-middle attack. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 66% (2) | CWE-399 | Resource Management Errors |
| 33% (1) | CWE-189 | Numeric Errors |
Oval Markup Language : Definitions
| OvalID | Name |
|---|---|
| oval:org.mitre.oval:def:595 | Potential BO in Ruleset Parsing for Sendmail |
| oval:org.mitre.oval:def:3606 | Sendmail Ruleset Parsing Buffer Overflow |
| oval:org.mitre.oval:def:603 | Sendmail BO in prescan Function |
| oval:org.mitre.oval:def:572 | Sendmail BO in Prescan Function |
| oval:org.mitre.oval:def:2975 | Sendmail prescan function Buffer Overflow |
| oval:org.mitre.oval:def:8843 | Multiple heap-based buffer overflows in the imlib BMP image handler allow rem... |
| oval:org.mitre.oval:def:765 | GNU GZip CHMod File Permission Modification Race ConditionWeakness |
| oval:org.mitre.oval:def:1169 | gzip Hard Link Attack |
| oval:org.mitre.oval:def:10242 | Race condition in gzip 1.2.4, 1.3.3, and earlier, when decompressing a gzippe... |
| oval:org.mitre.oval:def:9437 | The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf... |
| oval:org.mitre.oval:def:9575 | Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS... |
| oval:org.mitre.oval:def:9992 | Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS... |
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 22235 | Multiple Products Xpdf/kpdf Crafted FlateDecode Stream NULL Dereference DoS |
| 22234 | Multiple Products Xpdf/kpdf Crafted CCITTFaxDecode / DCTDecode Stream DoS |
| 22233 | Multiple Products Xpdf/kpdf Stream.cc CCITTFaxStream::CCITTFaxStream Function... |
| 15487 | gzip Race Condition Arbitrary File Permission Modification |
| 12911 | Midnight Commander Unspecified Underflow DoS |
| 12910 | Midnight Commander Insecure Filename Quoting Arbitrary Command Execution |
| 12909 | Midnight Commander Nonexistent File Descriptor Handling DoS |
| 12908 | Midnight Commander Unspecified Freed Memory DoS |
| 12907 | Midnight Commander Unspecified Unallocated Memory Issue |
| 12906 | Midnight Commander Unspecified Null Dereference DoS |
| 12905 | Midnight Commander Corrupted Selection Header DoS |
| 12904 | Midnight Commander Unspecified Infinite Loop DoS |
| 12903 | Midnight Commander Multiple Unspecified Overflows |
| 12902 | Midnight Commander Multiple Unspecified Format Strings |
| 12845 | GNU a2ps psmandup Script Symlink Arbitrary File Overwrite |
| 12844 | GNU a2ps fixps Script Symlink Arbitrary File Overwrite |
| 9781 | imlib2 BMP Image Decoding Overflow |
| 9436 | imlib2 BMP Decoding Overflow |
| 9435 | imlib BMP Decoding Overflow |
| 2577 | Sendmail prescan() Function Remote Overflow |
| 2538 | KDE does not validate the Common Name field |
OpenVAS Exploits
| id | Description |
|---|---|
| 2009-11-17 | Name : Mac OS X Version File : nvt/macosx_version.nasl |
| 2009-10-10 | Name : SLES9: Security update for imlib File : nvt/sles9p5014360.nasl |
| 2009-10-10 | Name : SLES9: Security update for Midnight Commander File : nvt/sles9p5011441.nasl |
| 2009-06-03 | Name : Solaris Update for SunFreeware gzip 120719-02 File : nvt/gb_solaris_120719_02.nasl |
| 2009-05-05 | Name : HP-UX Update for sendmail HPSBUX00281 File : nvt/gb_hp_ux_HPSBUX00281.nasl |
| 2008-09-24 | Name : Gentoo Security Advisory GLSA 200409-07 (xv) File : nvt/glsa_200409_07.nasl |
| 2008-09-24 | Name : Gentoo Security Advisory GLSA 200409-12 (imagemagick imlib) File : nvt/glsa_200409_12.nasl |
| 2008-09-24 | Name : Gentoo Security Advisory GLSA 200502-24 (mc) File : nvt/glsa_200502_24.nasl |
| 2008-09-24 | Name : Gentoo Security Advisory GLSA 200505-05 (gzip) File : nvt/glsa_200505_05.nasl |
| 2008-09-24 | Name : Gentoo Security Advisory GLSA 200601-02 (kdegraphics, kpdf, koffice, kword) File : nvt/glsa_200601_02.nasl |
| 2008-09-24 | Name : Gentoo Security Advisory GLSA 200601-17 (xpdf poppler gpdf libextractor pdfto... File : nvt/glsa_200601_17.nasl |
| 2008-09-04 | Name : FreeBSD Security Advisory (FreeBSD-SA-05:11.gzip.asc) File : nvt/freebsdsa_gzip.nasl |
| 2008-09-04 | Name : FreeBSD Ports: mc File : nvt/freebsd_mc.nasl |
| 2008-09-04 | Name : FreeBSD Ports: imlib2 File : nvt/freebsd_imlib2.nasl |
| 2008-09-04 | Name : FreeBSD Ports: imlib File : nvt/freebsd_imlib0.nasl |
| 2008-09-04 | Name : FreeBSD Ports: gzip File : nvt/freebsd_gzip.nasl |
| 2008-09-04 | Name : FreeBSD Ports: a2ps-a4, a2ps-letter, a2ps-letterdj File : nvt/freebsd_a2ps-a4.nasl |
| 2008-01-17 | Name : Debian Security Advisory DSA 384-1 (sendmail) File : nvt/deb_384_1.nasl |
| 2008-01-17 | Name : Debian Security Advisory DSA 936-1 (libextractor) File : nvt/deb_936_1.nasl |
| 2008-01-17 | Name : Debian Security Advisory DSA 361-1 (kdelibs) File : nvt/deb_361_1.nasl |
| 2008-01-17 | Name : Debian Security Advisory DSA 548-1 (imlib) File : nvt/deb_548_1.nasl |
| 2008-01-17 | Name : Debian Security Advisory DSA 548-2 (imlib) File : nvt/deb_548_2.nasl |
| 2008-01-17 | Name : Debian Security Advisory DSA 552-1 (imlib2) File : nvt/deb_552_1.nasl |
| 2008-01-17 | Name : Debian Security Advisory DSA 639-1 (mc) File : nvt/deb_639_1.nasl |
| 2008-01-17 | Name : Debian Security Advisory DSA 752-1 (gzip) File : nvt/deb_752_1.nasl |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2014-01-10 | RCPT TO overflow RuleID : 654-community - Type : SERVER-MAIL - Revision : 28 |
| 2014-01-10 | RCPT TO overflow RuleID : 654 - Type : SERVER-MAIL - Revision : 28 |
| 2014-01-10 | Sendmail RCPT TO prescan too long addresses overflow RuleID : 2270-community - Type : SERVER-MAIL - Revision : 18 |
| 2014-01-10 | Sendmail RCPT TO prescan too long addresses overflow RuleID : 2270 - Type : SERVER-MAIL - Revision : 18 |
| 2014-01-10 | RCPT TO overflow RuleID : 18574 - Type : SERVER-MAIL - Revision : 6 |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2012-09-24 | Name: The remote Fedora Core host is missing a security update. File: fedora_2006-010.nasl - Type: ACT_GATHER_INFO |
| 2012-09-24 | Name: The remote Fedora Core host is missing a security update. File: fedora_2006-011.nasl - Type: ACT_GATHER_INFO |
| 2009-09-24 | Name: The remote SuSE 9 host is missing a security-related patch. File: suse9_9797.nasl - Type: ACT_GATHER_INFO |
| 2009-04-23 | Name: The remote FreeBSD host is missing a security-related update. File: freebsd_pkg_ba005226fb5b11d89837000c41e2cdad.nasl - Type: ACT_GATHER_INFO |
| 2009-04-23 | Name: The remote FreeBSD host is missing a security-related update. File: freebsd_pkg_00644f03fb5811d89837000c41e2cdad.nasl - Type: ACT_GATHER_INFO |
| 2007-09-25 | Name: The remote HP-UX host is missing a security-related patch. File: hpux_PHNE_35484.nasl - Type: ACT_GATHER_INFO |
| 2007-09-25 | Name: The remote HP-UX host is missing a security-related patch. File: hpux_PHNE_35483.nasl - Type: ACT_GATHER_INFO |
| 2007-09-25 | Name: The remote HP-UX host is missing a security-related patch. File: hpux_PHNE_35485.nasl - Type: ACT_GATHER_INFO |
| 2006-10-14 | Name: The remote Debian host is missing a security-related update. File: debian_DSA-962.nasl - Type: ACT_GATHER_INFO |
| 2006-10-14 | Name: The remote Debian host is missing a security-related update. File: debian_DSA-961.nasl - Type: ACT_GATHER_INFO |
| 2006-10-14 | Name: The remote Debian host is missing a security-related update. File: debian_DSA-950.nasl - Type: ACT_GATHER_INFO |
| 2006-10-14 | Name: The remote Debian host is missing a security-related update. File: debian_DSA-940.nasl - Type: ACT_GATHER_INFO |
| 2006-10-14 | Name: The remote Debian host is missing a security-related update. File: debian_DSA-938.nasl - Type: ACT_GATHER_INFO |
| 2006-10-14 | Name: The remote Debian host is missing a security-related update. File: debian_DSA-937.nasl - Type: ACT_GATHER_INFO |
| 2006-10-14 | Name: The remote Debian host is missing a security-related update. File: debian_DSA-936.nasl - Type: ACT_GATHER_INFO |
| 2006-10-14 | Name: The remote Debian host is missing a security-related update. File: debian_DSA-931.nasl - Type: ACT_GATHER_INFO |
| 2006-10-14 | Name: The remote Debian host is missing a security-related update. File: debian_DSA-932.nasl - Type: ACT_GATHER_INFO |
| 2006-09-22 | Name: The remote Slackware host is missing a security update. File: Slackware_SSA_2006-262-01.nasl - Type: ACT_GATHER_INFO |
| 2006-08-01 | Name: The remote operating system is missing a vendor-supplied patch. File: macosx_SecUpd2006-004.nasl - Type: ACT_GATHER_INFO |
| 2006-07-05 | Name: The remote CentOS host is missing a security update. File: centos_RHSA-2006-0177.nasl - Type: ACT_GATHER_INFO |
| 2006-07-05 | Name: The remote CentOS host is missing one or more security updates. File: centos_RHSA-2005-868.nasl - Type: ACT_GATHER_INFO |
| 2006-07-03 | Name: The remote CentOS host is missing a security update. File: centos_RHSA-2005-357.nasl - Type: ACT_GATHER_INFO |
| 2006-07-03 | Name: The remote CentOS host is missing one or more security updates. File: centos_RHSA-2006-0163.nasl - Type: ACT_GATHER_INFO |
| 2006-07-03 | Name: The remote CentOS host is missing one or more security updates. File: centos_RHSA-2006-0160.nasl - Type: ACT_GATHER_INFO |
| 2006-07-03 | Name: The remote CentOS host is missing a security update. File: centos_RHSA-2005-840.nasl - Type: ACT_GATHER_INFO |
